56 if (($site_guid == 0) && $this->
site_guid) {
57 $site_guid = $this->site_guid;
60 $site_guid = (int) $site_guid;
62 $hash =
$user_guid . $site_guid .
'get_access_list';
69 $access =
"(" . implode(
",", $access_array) .
")";
116 if (($site_guid == 0) && $this->
site_guid) {
117 $site_guid = $this->site_guid;
121 $site_guid = (int) $site_guid;
123 $hash =
$user_guid . $site_guid .
'get_access_array';
126 $access_array = $cache[$hash];
133 $prefix = $db->getTablePrefix();
138 $query =
"SELECT am.access_collection_id" 139 .
" FROM {$prefix}access_collection_membership am" 140 .
" LEFT JOIN {$prefix}access_collections ag ON ag.id = am.access_collection_id" 141 .
" WHERE am.user_guid = $user_guid AND (ag.site_guid = $site_guid OR ag.site_guid = 0)";
143 $collections = $db->getData($query);
146 if (!empty($collection->access_collection_id)) {
147 $access_array[] = (int)$collection->access_collection_id;
153 $query =
"SELECT ag.id FROM {$prefix}access_collections ag ";
154 $query .=
"WHERE ag.owner_guid = $user_guid AND (ag.site_guid = $site_guid OR ag.site_guid = 0)";
156 $collections = $db->getData($query);
159 if (!empty($collection->id)) {
160 $access_array[] = (int)$collection->id;
167 if ($ignore_access ==
true) {
172 if ($init_finished) {
173 $cache[$hash] = $access_array;
179 'site_id' => $site_guid
229 'table_alias' =>
'e',
232 'access_column' =>
'access_id',
233 'owner_guid_column' =>
'owner_guid',
234 'guid_column' =>
'guid',
240 $options[
'table_alias'] = rtrim($options[
'table_alias'],
'.');
242 foreach (array(
'table_alias',
'access_column',
'owner_guid_column',
'guid_column') as
$key) {
245 $options[
'user_guid'] =
sanitize_int($options[
'user_guid'],
false);
248 $table_alias = $options[
'table_alias'] ? $options[
'table_alias'] .
'.' :
'';
259 if ($options[
'ignore_access']) {
260 $clauses[
'ors'][] =
'1 = 1';
261 }
else if ($options[
'user_guid']) {
263 $clauses[
'ors'][] =
"$table_alias{$options['access_column']} = " .
ACCESS_FRIENDS .
" 264 AND $table_alias{$options['owner_guid_column']} IN ( 265 SELECT guid_one FROM {$prefix}entity_relationships 266 WHERE relationship = 'friend' AND guid_two = {$options['user_guid']} 270 $clauses[
'ors'][] =
"$table_alias{$options['owner_guid_column']} = {$options['user_guid']}";
274 if (!$options[
'ignore_access']) {
276 $clauses[
'ors'][] =
"$table_alias{$options['access_column']} IN {$access_list}";
279 if ($options[
'use_enabled_clause']) {
280 $clauses[
'ands'][] =
"{$table_alias}enabled = 'yes'";
283 $clauses =
_elgg_services()->hooks->trigger(
'get_sql',
'access', $options, $clauses);
286 if (is_array($clauses[
'ors']) && $clauses[
'ors']) {
287 $clauses_str =
'(' . implode(
' OR ', $clauses[
'ors']) .
')';
290 if (is_array($clauses[
'ands']) && $clauses[
'ands']) {
292 $clauses_str .=
' AND ';
294 $clauses_str .=
'(' . implode(
' AND ', $clauses[
'ands']) .
')';
297 return "($clauses_str)";
336 $prefix = $db->getTablePrefix();
338 $query =
"SELECT guid from {$prefix}entities e WHERE e.guid = {$entity->guid}";
340 $query .=
" AND " . $access_bit;
341 if ($db->getData($query)) {
386 if (($site_guid == 0) && $this->
site_guid) {
387 $site_guid = $this->site_guid;
391 $site_guid = (int) $site_guid;
393 $hash =
$user_guid . $site_guid .
'get_write_access_array';
396 $access_array = $cache[$hash];
399 $access_array = array(
409 $access_array[$collection->id] = $collection->name;
413 if ($init_finished) {
414 $cache[$hash] = $access_array;
420 'site_id' => $site_guid,
421 'input_params' => $input_params,
489 if (($site_guid == 0) && $this->
site_guid) {
490 $site_guid = $this->site_guid;
494 $prefix = $db->getTablePrefix();
498 $q =
"INSERT INTO {$prefix}access_collections 499 SET name = '{$name}', 500 owner_guid = {$owner_guid}, 501 site_guid = {$site_guid}";
502 $id = $db->insertData($q);
508 'collection_id' =>
$id 511 if (!
_elgg_services()->hooks->trigger(
'access:collections:addcollection',
'collection',
$params,
true)) {
541 $cur_members = (is_array($cur_members)) ? $cur_members : array();
543 $remove_members = array_diff($cur_members,
$members);
544 $add_members = array_diff(
$members, $cur_members);
548 foreach ($add_members as
$guid) {
552 foreach ($remove_members as $guid) {
570 if (!
_elgg_services()->hooks->trigger(
'access:collections:deletecollection',
'collection',
$params,
true)) {
575 $prefix = $db->getTablePrefix();
578 $q =
"DELETE FROM {$prefix}access_collection_membership 579 WHERE access_collection_id = {$collection_id}";
582 $q =
"DELETE FROM {$prefix}access_collections 583 WHERE id = {$collection_id}";
606 $prefix = $db->getTablePrefix();
608 $query =
"SELECT * FROM {$prefix}access_collections WHERE id = {$collection_id}";
609 $get_collection = $db->getDataRow($query);
611 return $get_collection;
646 $prefix = $db->getTablePrefix();
649 $q =
"INSERT INTO {$prefix}access_collection_membership 650 SET access_collection_id = $collection_id, user_guid = $user_guid 651 ON DUPLICATE KEY UPDATE user_guid = user_guid";
683 if (!
_elgg_services()->hooks->trigger(
'access:collections:remove_user',
'collection',
$params,
true)) {
688 $prefix = $db->getTablePrefix();
690 $q =
"DELETE FROM {$prefix}access_collection_membership 691 WHERE access_collection_id = {$collection_id} 692 AND user_guid = {$user_guid}";
694 return (
bool)$db->deleteData($q);
707 $site_guid = (int) $site_guid;
709 if (($site_guid == 0) && $this->site_guid) {
710 $site_guid = $this->site_guid;
714 $prefix = $db->getTablePrefix();
716 $query =
"SELECT * FROM {$prefix}access_collections 717 WHERE owner_guid = {$owner_guid} 718 AND site_guid = {$site_guid} 721 $collections = $db->getData($query);
738 $prefix = $db->getTablePrefix();
741 $query =
"SELECT e.* FROM {$prefix}access_collection_membership m" 742 .
" JOIN {$prefix}entities e ON e.guid = m.user_guid" 743 .
" WHERE m.access_collection_id = {$collection_id}";
744 $collection_members = $db->getData($query,
"entity_row_to_elggstar");
746 $query =
"SELECT e.guid FROM {$prefix}access_collection_membership m" 747 .
" JOIN {$prefix}entities e ON e.guid = m.user_guid" 748 .
" WHERE m.access_collection_id = {$collection_id}";
749 $collection_members = $db->getData($query);
750 if (!$collection_members) {
753 foreach ($collection_members as
$key => $val) {
754 $collection_members[
$key] = $val->guid;
758 return $collection_members;
770 $member_guid = (int) $member_guid;
771 $site_guid = (int) $site_guid;
773 if (($site_guid == 0) && $this->site_guid) {
774 $site_guid = $this->site_guid;
778 $prefix = $db->getTablePrefix();
780 $query =
"SELECT ac.* FROM {$prefix}access_collections ac 781 JOIN {$prefix}access_collection_membership m ON ac.id = m.access_collection_id 782 WHERE m.user_guid = {$member_guid} 783 AND ac.site_guid = {$site_guid} 786 $collections = $db->getData($query);
809 $access = (int) $entity_access_id;
814 $access_array = array(
821 if (array_key_exists(
$access, $access_array)) {
828 return $translator->translate(
'access:limited:label');
843 return $translator->translate(
'access:limited:label');
getAccessList($user_guid=0, $site_guid=0, $flush=false)
Return a string of access_ids for $user_guid appropriate for inserting into an SQL IN clause...
getCollectionsByMember($member_guid, $site_guid=0)
Return an array of database row objects of the access collections $entity_guid is a member of...
__construct($site_guid)
Constructor.
removeUser($user_guid, $collection_id)
Removes a user from an access collection.
get_access_array($user_guid=0, $site_guid=0, $flush=false)
Returns an array of access IDs a user is permitted to see.
if($guid==elgg_get_logged_in_user_guid()) $name
getMembers($collection_id, $guids_only=false)
Get all of members of an access collection.
getWriteAccessArray($user_guid=0, $site_guid=0, $flush=false, array $input_params=array())
Returns an array of access permissions that the user is allowed to save content with.
$CONFIG site_guid
The guid of the current site object.
hasAccessToEntity($entity, $user=null)
Can a user access an entity.
update($collection_id, $members)
Updates the membership in an access collection.
getAccessArray($user_guid=0, $site_guid=0, $flush=false)
Returns an array of access IDs a user is permitted to see.
$guid
Removes an admin notice.
getWhereSql(array $options=array())
Returns the SQL where clause for enforcing read access to data.
get_access_collection($collection_id)
Get a specified access collection.
sanitize_string($string)
Sanitize a string for database use.
elgg_get_ignore_access()
Get current ignore access setting.
addUser($user_guid, $collection_id)
Adds a user to an access collection.
$init_finished
A flag to set if Elgg's access initialization is finished.
getEntityCollections($owner_guid, $site_guid=0)
Returns an array of database row objects of the access collections owned by $owner_guid.
elgg_check_access_overrides($user_guid=0)
Decides if the access system should be ignored for a user.
get_user($guid)
Get a user object from a GUID.
elgg_set_ignore_access($ignore=true)
Set if Elgg's access system should be ignored.
get_write_access_array($user_guid=0, $site_guid=0, $flush=false, array $input_params=array())
Returns an array of access permissions that the user is allowed to save content with.
$ENTITY_SHOW_HIDDEN_OVERRIDE
Allow disabled entities and metadata to be returned by getter functions.
elgg global
Pointer to the global context.
get_access_list($user_guid=0, $site_guid=0, $flush=false)
Return a string of access_ids for $user_guid appropriate for inserting into an SQL IN clause...
create($name, $owner_guid=0, $site_guid=0)
Creates a new access collection.
getReadableAccessLevel($entity_access_id)
Return the name of an ACCESS_* constant or an access collection, but only if the logged in user owns ...
sanitize_int($int, $signed=true)
Sanitizes an integer for database use.
$user_guid
Avatar remove action.
_elgg_get_access_where_sql(array $options=array())
Returns the SQL where clause for enforcing read access to data.
if(!$collection_name) $id
canEdit($collection_id, $user_guid=null)
Can the user change this access collection?